Lucene search
K

32 matches found

IBM Security Bulletins
IBM Security Bulletins
added 2025/05/30 8:31 p.m.22 views

Security Bulletin: IBM Planning Analytics Workspace is affected by vulnerabilities

Summary There is a vulnerability in a Open Source Software OSS component consumed by IBM Planning Analytics Workspace. Additionally, IBM Planning Analytics Workspace is vulnerable to Cross-site scripting, Path Traversal, Session Fixation vulnerabilities. This Security Bulletin relates only to the...

8.8CVSS8.7AI score0.02303EPSS
Exploits1Affected Software5
IBM Security Bulletins
IBM Security Bulletins
added 2025/05/08 6:25 p.m.22 views

Security Bulletin: IBM Planning Analytics Workspace is affected by vulnerabilities

Summary There are vulnerabilities in multiple Open Source Software OSS components consumed by IBM Planning Analytics Workspace. For more information about the vulnerability impact, refer to the table in the "Related Information" section. This Security Bulletin relates only to the direct usage of...

9.8CVSS8.7AI score0.10701EPSS
Exploits7Affected Software5
IBM Security Bulletins
IBM Security Bulletins
added 2025/04/15 2:56 a.m.71 views

Security Bulletin: IBM Planning Analytics Workspace is affected by vulnerabilities

Summary There are vulnerabilities in multiple Open Source Software OSS components consumed by IBM Planning Analytics Workspace. These issues have been addressed by upgrading or removing the vulnerable libraries. Additionally, two Malicious File Upload vulnerabilities have been addressed. Please...

9.8CVSS9.7AI score0.99957EPSS
Exploits2Affected Software5
IBM Security Bulletins
IBM Security Bulletins
added 2025/03/26 4:4 a.m.64 views

Security Bulletin: IBM Planning Analytics Workspace is affected but not considered vulnerable to multiple vulnerabilities

Summary IBM Planning Analytics Workspace is affected but not classified as vulnerable to multiple vulnerabilities based on current information, in the following 3rd-party components: Node.js word-wrap CVE-2023-26115, Node.js semver CVE-2022-25883, Node,js dicer, CVE-2022-24434, Redis...

9.8CVSS9.5AI score0.17673EPSS
Exploits10Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2025/01/29 7:19 p.m.47 views

Security Bulletin: IBM Planning Analytics Workspace is affected by vulnerabilities in multiple Open-Source Software (OSS) components

Summary There are vulnerabilities in multiple Open-Source Software OSS components consumed by IBM Planning Analytics Workspace. These issues have been addressed in IBM Planning Analytics Workspace by upgrading or removing the vulnerable libraries. Please refer to the table in the Related...

9.1CVSS9AI score0.91969EPSS
Exploits5Affected Software4
IBM Security Bulletins
IBM Security Bulletins
added 2024/10/17 12:44 a.m.113 views

Security Bulletin: IBM Planning Analytics and IBM Planning Analytics Workspace are affected by security vulnerabilities

Summary This Security Bulletin addresses multiple vulnerabilities that have been remediated in IBM Planning Analytics 2.0.9.11 and IBM Planning Analytics Workspace 2.0.72. There are multiple vulnerabilities in IBM® Runtime Environment Java™ used by IBM Planning Analytics and IBM Planning Analytic...

9.8CVSS10AI score0.13292EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2024/08/29 11:40 p.m.39 views

Security Bulletin: IBM Planning Analytics Workspace is affected by vulnerabilities in multiple Open Source Software (OSS) components

Summary There are vulnerabilities in multiple Open Source Software OSS components consumed by IBM Planning Analytics Workspace. These issues have been addressed by upgrading or removing the vulnerable libraries. Please refer to the table in the Related Information section for vulnerability impact...

8.2CVSS7.3AI score0.01471EPSS
Exploits3Affected Software5
IBM Security Bulletins
IBM Security Bulletins
added 2024/03/28 3:34 p.m.75 views

Security Bulletin: IBM Planning Analytics Workspace is affected by vulnerabilities in multiple Open Source Software (OSS) components

Summary There are vulnerabilities in multiple Open Source Software OSS components consumed by IBM Planning Analytics Workspace. IBM Planning Analytics Workspace 2.0 Release 94 has addressed the applicable CVEs by upgrading or removing the vulnerable libraries. Please refer to the table in the...

10CVSS9.3AI score0.99999EPSS
Exploits22Affected Software2
IBM Security Bulletins
IBM Security Bulletins
added 2024/02/22 6:13 p.m.51 views

Security Bulletin: IBM Planning Analytics Workspace is affected by vulnerabilities in multiple Open Source Software (OSS) components

Summary There are vulnerabilities in multiple Open Source Software OSS components consumed by IBM Planning Analytics Workspace. IBM Planning Analytics Workspace 2.0 Release 93 has addressed the applicable CVEs by upgrading or removing the vulnerable libraries. Please refer to the table in the...

9.3CVSS9.5AI score0.99999EPSS
Exploits22Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2023/03/17 5:13 p.m.51 views

Security Bulletin: IBM Planning Analytics Workspace is affected by vulnerabilties (CVE-2022-43548, CVE-2020-7676, CVE-2021-42550, CVE-2021-38561, CVE-2022-32149)

Summary IBM Planning Analytics Workspace is affected by vulnerabilities. Node.js is an open-source and cross-platform JavaScript runtime environment CVE-2022-43548. Angular is a JavaScript framework that extends HTML CVE-2020-7676. Logback is a logging library for Java CVE-2021-42550. Golang Go...

8.5CVSS8.6AI score0.14024EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2023/02/28 6:48 p.m.42 views

Security Bulletin: IBM Planning Analytics and IBM Planning Analytics Workspace are affected by a security vulnerability in IBM WebSphere Application Server Liberty (CVE-2022-34165)

Summary There is a vulnerabilty in IBM WebSphere Application Server Liberty used by IBM Planning Analytics and IBM Planning Analytics Workspace. The applicable CVE has been addressed in IBM Planning Analytics and Planning Analytics Workspace. Vulnerability Details CVEID:CVE-2022-34165 DESCRIPTION...

5.4CVSS5.5AI score0.00441EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2022/11/28 7:52 p.m.45 views

Security Bulletin: IBM Planning Analytics Workspace is affected by vulnerabilities in Node.js and Spring Data MongoDB

Summary IBM Planning Analytics Workspace is affected by vulnerabilties in Node.js and Spring Data MongoDB CVE-2022-32212, CVE-2022-32213, CVE-2022-32223, CVE-2022-32214, CVE-2022-32222, CVE-2022-32215, CVE-2022-22980 Vulnerability Details CVEID:CVE-2022-32212 DESCRIPTION: Node.js could allow a...

9.8CVSS8.7AI score0.77278EPSS
Exploits8Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2022/11/09 2:56 p.m.23 views

Security Bulletin: Multiple vulnerabilities in IBM Java Runtime affect IBM Planning Analytics and IBM Planning Analytics Workspace

Summary This Security Bulletin addresses multiple vulnerabilities that have been remediated in IBM Planning Analytics and IBM Planning Analytics Workspace. There are multiple vulnerabilities in IBM® Runtime Environment Java™ used by IBM Planning Analytics and IBM Planning Analytics Workspace. The...

5.3CVSS6.7AI score0.06468EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2022/10/05 1:4 p.m.45 views

Security Bulletin: IBM Planning Analytics Workspace is affected by multiple vulnerabilities (CVE-2021-40690, CVE-2022-25647, XFID: 233967)

Summary IBM Planning Analytics Workspace is affected by multiple vulnerabilities. Apache Santuario Security for Java provides a mechanism for XML-Signature & XML Encryption syntax and processing CVE-2021-40690. Google Gson is an open-source Java library to serialize and deserialize Java objects t...

7.7CVSS8.5AI score0.1158EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2022/05/17 4:21 p.m.63 views

Security Bulletin: IBM Planning Analytics Workspace is affected but not classified as vulnerable by a remote code execution in Spring Framework (CVE-2022-22965)

Summary IBM Planning Analytics Workspace is affected but not classified as vulnerable to a remote code execution in Spring Framework CVE-2022-22965 as it does not meet all of the following criteria: 1. JDK 9 or higher, 2. Apache Tomcat as the Servlet container, 3. Packaged as WAR in contrast to a...

9.8CVSS0.5AI score0.99677EPSS
Exploits100Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2022/05/13 5:8 p.m.53 views

Security Bulletin: IBM Planning Analytics Workspace is affected by multiple vulnerabilities (CVE-2022-22950, XFID:217968)

Summary IBM Planning Analytics Workspace is affected by multiple vulnerabilites. Spring is used in IBM Planning Analytics Workspace in Server Side Rest APIs as an indirect dependency by MongoDB that is used to store content CVE-2022-22950. FasterXML jackson-databind is used in IBM Planning...

6.5CVSS0.8AI score0.36658EPSS
Exploits0Affected Software1
NVD
NVD
added 2022/04/25 4:16 p.m.21 views

CVE-2021-39040

IBM Planning Analytics Workspace 2.0 could be vulnerable to malicious file upload by not validating the file types or sizes. Attackers can make use of this weakness and upload malicious executable files into the system and it can be sent to victim for performing further attacks. IBM X-Force ID:...

8CVSS0.00725EPSS
Exploits0References2
Prion
Prion
added 2022/04/25 4:16 p.m.21 views

Design/Logic Flaw

IBM Planning Analytics Workspace 2.0 could be vulnerable to malicious file upload by not validating the file types or sizes. Attackers can make use of this weakness and upload malicious executable files into the system and it can be sent to victim for performing further attacks. IBM X-Force ID:...

6CVSS8AI score0.00725EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2022/02/16 12:0 a.m.3 views

The vulnerability of the IBM Planning Analytics and IBM Planning Analytics Workspace software lies in the incorrect limitation of the path name to the restricted access catalog, allowing a perpetrator to execute arbitrary code.

The vulnerability of IBM Planning Analytics’ software is related to incorrect restrictions on the path name to the restricted-access catalog. Exploiting this vulnerability could allow a malicious actor to execute arbitrary code remotely...

10CVSS5.9AI score
Exploits0References1Affected Software2
IBM Security Bulletins
IBM Security Bulletins
added 2021/11/23 3:54 p.m.53 views

Security Bulletin: IBM Planning Analytics Workspace is affected by security vulnerabilities

Summary The Planning Analytics Workspace component of IBM Planning Analytics is affected by security vulnerabilities. These have been addressed in IBM Planning Analytics Local v2.0 - Planning Analytics Workspace Release 70. Vulnerability Details CVEID: CVE-2021-3647 DESCRIPTION: Medialize URI.js...

9.3CVSS9.3AI score0.10608EPSS
Exploits6Affected Software1
Rows per page
Query Builder